 From:  Eric Boudrand <eric at boudrand dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Fragmentation issue
 Date:  Fri, 03 Oct 2008 12:35:00 +0200

I am using m0n0wall 1.235 (built on Thu Sep 4 21:49:17 CEST 2008) on a
Soekris 4511. On my LAN, I connected an IPsec client to a remote server.
I have a problem getting big files (more than 50 kB) from a remote
shared folder.

I made a Wireshark capture between the Internet and my Soekris box and
between my Soekris box and the computer with the IPsec client. I saw
that there is an issue with fragmented packets.

For example, the client is receiving three packets. Packets 1 and 2 are
fragmented. Packet 3 is not.
- Packet 1 is 1500 bytes long and has Flag set to 0x02 (More Fragments)
and Fragment offset set to 0x00. IP identification is 0x7820.
- Packet 2 is 88 bytes long and has no Flag (set to 0x00) and Fragment
offset set to 1480. IP identification is 0x7820.
- Packet 3 is 1168 bytes long and has no Flag and no Fragment offset. IP
identification is 0x7821.

After the Soekris box, I cannot find packet 2. Packet 1 is the same, but
with the new computer LAN IP address. I can also find packet 3. So
packet 2 was dropped by m0n0wall. I can send the Wireshark capture to
anyone interested.

Éric Boudrand
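
The comparison described in the message above can be automated. The following is an added example, not part of the original post: it groups fragments by IP identification on each side of the firewall and reports datagrams that were complete before it but cannot be reassembled after it. The packet records are constructed from the values in the message; treating the stated lengths as IP total lengths with a 20-byte header is an assumption.

```python
from collections import defaultdict, namedtuple

# Constructed records mirroring the three packets described in the post.
# Assumptions: total_len is the IP total length, the IP header is 20 bytes,
# and offsets are in bytes, as Wireshark displays them.
Pkt = namedtuple("Pkt", "ip_id total_len more_frags offset")
IP_HDR = 20

WAN_SIDE = [
    Pkt(0x7820, 1500, True, 0),      # packet 1: first fragment
    Pkt(0x7820, 88, False, 1480),    # packet 2: last fragment
    Pkt(0x7821, 1168, False, 0),     # packet 3: unfragmented
]
# LAN side as reported: packet 2 is absent after the firewall.
LAN_SIDE = [p for p in WAN_SIDE if not (p.ip_id == 0x7820 and p.offset == 1480)]

def reassembly_status(packets):
    """Return {ip_id: (complete, missing_byte_ranges)} for each datagram.

    Keyed on IP ID only, which survives NAT; a real capture should also
    key on protocol and the (translated) address pair.
    """
    by_id = defaultdict(list)
    for p in packets:
        by_id[p.ip_id].append(p)
    status = {}
    for ip_id, frags in by_id.items():
        frags.sort(key=lambda p: p.offset)
        missing, expected, saw_last = [], 0, False
        for p in frags:
            if p.offset > expected:              # hole before this fragment
                missing.append((expected, p.offset))
            expected = max(expected, p.offset + p.total_len - IP_HDR)
            saw_last = saw_last or not p.more_frags
        if not saw_last:                         # tail fragment never seen
            missing.append((expected, None))
        status[ip_id] = (not missing, missing)
    return status

def dropped_in_transit(before, after):
    """IP IDs that reassemble before the firewall but not after it."""
    b, a = reassembly_status(before), reassembly_status(after)
    return sorted(i for i, (ok, _) in b.items()
                  if ok and not a.get(i, (False, None))[0])

if __name__ == "__main__":
    for ip_id in dropped_in_transit(WAN_SIDE, LAN_SIDE):
        print(f"IP ID {ip_id:#06x}: missing {reassembly_status(LAN_SIDE)[ip_id][1]}")
```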